I'm having trouble establishing a VPN connection to a specific network and I'm not the only one having problems. According to their instructions, I use the standard VPN client built into Windows with a pre-shared key and a username / password. After excluding all the usual things like checking for typos, restarting related hardware, different firewalls, simple test tools like nmap, etc., I turned to traffic analysis. packages itself using Wireshark. From the screenshot below, it looks like a successful connection has been established, including authentication, and VPN traffic ensues. However, in half a second, the connection is interrupted again. The connection is based on IKEv1 and to understand what the different packages represent for this page, it was very useful here: Understanding IPSec IKEv1 negotiation on Wireshark
Now that the connection is naturally encrypted, I can't read the packages directly to get an idea of what's wrong. Fortunately, it seems that WireShark supports decryption of the ESP payload as long as one has access to all the necessary information. So I continued and created an ESP SA entry by writing the following values:
- Protocol: IPv4
- Src IP: My local IP as indicated by Wireshark
- Destination IP: VPN server IP indicated by Wireshark
- SPI: *
- Encryption: AES-CBC
- Encryption key: the encryption key
- Authentication: HMAC-SHA-384-192
However, I am not sure what could be the authentication key, to finalize the decryption configuration. In addition, I would not need to also add an entry to the IKEv1 decryption table of ISAKMP? In this case, I don't know how to get the COOKIE and the encryption key for it in my Windows environment, however.
It is not in my area of expertise, so I may have missed something, and if someone could help me in the right direction, it would be very appreciated!